Giacom Partner Guides

Downloading and Installing OTG for Windows

Read Before Installing OTG for Windows to understand some important prerequisites before following the steps below to download and install OTG.

  1. Click here to download the Windows OTG install file (setup.msi). The current version of OTG for Windows is .

  2. Ensure you are logged in with Administrator privileges.

  3. Go to the command prompt. OTG is installed from the command prompt for both a single install or multiple installs across your network using your preferred deployment method, e.g. group policy.

  4. Change directory so you are in the same directory as the setup.msi file downloaded in step 1.

    Important

    The installation requires you to provide your customer's TitanHQ Portal login credentials. This allows for the automatic creation of Roaming Locations in WebTitan Cloud. These parameters are used once and not stored.

  5. During installation, an administrator must create a command script based on the sample shown below with parameters edited for your WebTitan Cloud. When passed to OTG, these details create the roaming location key for this device.

    There are four required parameters described in the table below that must be edited. There are also several optional parameters described further down this page.

    setup.msi /quiet /qb WTC_SERVER_URL=http://mycloud.webtitancloud.com:8080 DNS_RESOLVER=1.2.3.4 CUSTOMER_EMAIL=docs@titanhq.com CUSTOMER_PASSWORD=iXdrEPx32a

    The command must be on a single line with no line breaks.

    Required Parameters:

    Parameter

    Description

    Example

    WTC_SERVER_URL

    The URL and port number of your customer's WebTitan Cloud instance. You can get the FQDN by opening a command prompt in windows and typing nslookup followed by the WebTitan Cloud IP e.g. nslookup 1.2.3.4

    Your customer's WebTitan Cloud IP was sent by email when you added them to the TitanHQ Portal.

    http://wtc1.webtitancloud.com:8080

    DNS_RESOLVER

    The IP address(es) of the WebTitan Cloud DNS resolver to send DNS requests to.

    1.2.3.4

    CUSTOMER_EMAIL

    This is the email address used by a customer to log into their TitanHQ portal.

    docs@titanhq.com

    CUSTOMER_PASSWORD

    The password used by a customer to log into their TitanHQ portal.

    iXdrEPx32a

  6. Enter your custom script at the command prompt and press Enter

After Installing OTG for Windows

There are a number of things to note after OTG installation:

  • Assuming your current external IP address is not configured to be bypassed, OTG will connect to your WebTitan Cloud account and start filtering.

  • After installation, OTG connects to WebTitan Cloud and creates a new roaming location and a new user. The user will have a unique identifier made from the username@machine-name, e.g. docs@TRAINING-PC. If the PC is a member of a domain, then the user identifier will be the username appended with the domain name.

  • Users created via OTG are assigned the default customer policy, but this can be changed to a new or different policy as required - see Policies for more information.

  • OTG automatically downloads and installs the WebTitan Cloud SSL certificate to the Windows trusted certificates (also Firefox’s if installed). This allows the WebTitan Cloud block page for HTTPS sites to be shown without an error.

Optional OTG Installation Parameters

When creating your command line script for installing OTG, as well as the four required parameters there are also several optional parameters which you can use:

Parameter

Description

LOCATION_NAME

When creating a roaming location, OTG assigns the Windows or Mac computer name by default. To change this you can specify a LOCATION_NAME value.

LOCATION_NAME should not be used if installing multiple OTGs, as the roaming location names must be unique.

Example: LOCATION_NAME=Training-PC

LOCATION_NAME_SUFFIX

If specified, a LOCATION_NAME_SUFFIX is appended to the LOCATION_NAME and separated using '@', e.g LOCATION_NAME@LOCATION_NAME_SUFFIX

LOCATION_NAME and LOCATION_NAME_SUFFIX should not be used together if installing multiple OTGs, as the roaming location names must be unique.

Example: LOCATION_NAME_SUFFIX=Laptop

BYPASS_IPS

A remote user may visit a location (e.g. main office) which is also using WebTitan Cloud or any other internal filtering solution for filtering. In this case, you may want OTG to be disabled while there. To do this, the office's public facing IP can be added to a list of bypass IP when OTG is installed. When the user leaves the office, OTG will detect the IP change and start filtering again.

When OTG is in bypass mode, the OTG tray icon will show "status: ignored".

To bypass multiple IPs (e.g. several locations) use a comma to separate them:

Example: BYPASS_IPS=88.88.88.88,22.99.99.99

To bypass a range of IPs use a hyphen to separate the two addresses:

Example: BYPASS_IPS=88.88.88.88-88.88.88.99 (no spaces between the hyphen and IPs).

TRAY_TYPE

Controls the WebTitan Cloud OTG information, logo and popup notifications in the Windows system tray or macOS menu bar. Values can be:

  • 0 - hide the tray icon.

  • 1 - only show tool tip, but no notification balloon. (default)

  • 2 - show both tool tip and notification balloon.

Example: TRAY_TYPE=2

DYNAMIC_FORWARD

Used conditionally forward requests for particular domains to specific DNS servers, based on the current external IP address.

This is useful if you want to treat domains differently depending on where the user is, e.g. if a company's internal domain is the same name as its external domain and where access to the local office resources are impacted if routed externally. The format is:

DYNAMIC_FORWARD= [site]@[external IP]-[Resolvers, …];

Example: DYNAMIC_FORWARD=mycompany.com@123.177.20.80-10.1.0.34;somewhere.com@83.76.163.216-56.11.11.11,192.168.1.1, meaning:

When external IP is 123.177.20.80, a query for *.mycompany.com will be forwarded to 10.1.0.34

and

When external IP is 83.76.163.216, a query for *.somewhere.com will be forwarded to 56.11.11.11 or 192.168.1.1

FORWARD_DOMAIN

Unconditionally forward any requests for the local domain to a local DNS server (rather than to WebTitan Cloud). If enabled, on startup OTG will attempt to get the name of local domain and will store the DNS settings provided, for example by the DHCP server of that local domain.

When OTG detects requests for the local domain (or subdomains), it doesn't send them to WebTitan Cloud, but to the stored IP of the local DNS server.

Can be set either true or false, e.g. FORWARD_DOMAIN=true

RPC_PORT

Allows OTG to specify a port for communication with WebTitan Cloud other than the default 7771.

Note

If this parameter is supplied, private cloud WebTitan Cloud servers must also be configured to listen on the port specified.

Example: RPC_PORT=7772